Use CoreDNS to do recursive CNAME aliasing for AGH
This commit is contained in:
Jake Howard
parent
3ed7074af6
commit
f5154d1683
32
ansible/roles/adguardhome/files/Corefile
Normal file
32
ansible/roles/adguardhome/files/Corefile
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
(alias) {
|
||||||
|
errors
|
||||||
|
cancel
|
||||||
|
|
||||||
|
forward . tls://9.9.9.10 {
|
||||||
|
tls_servername dns10.quad9.net
|
||||||
|
}
|
||||||
|
|
||||||
|
hosts {
|
||||||
|
{{ pve_hosts.ingress.external_ip }} pve.sys.theorangeone.net
|
||||||
|
fallthrough
|
||||||
|
ttl 300
|
||||||
|
}
|
||||||
|
|
||||||
|
# HACK: Rewrite the CNAME to itself so it's reprocessed
|
||||||
|
rewrite cname exact pve.sys.theorangeone.net. pve.sys.theorangeone.net.
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
theorangeone.net:5353 {
|
||||||
|
import alias
|
||||||
|
}
|
||||||
|
|
||||||
|
jakehoward.tech:5353 {
|
||||||
|
import alias
|
||||||
|
}
|
||||||
|
|
||||||
|
.:5353 {
|
||||||
|
acl {
|
||||||
|
block
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -24,6 +24,8 @@ dns:
|
|||||||
refuse_any: true
|
refuse_any: true
|
||||||
upstream_dns:
|
upstream_dns:
|
||||||
- tls://dns10.quad9.net
|
- tls://dns10.quad9.net
|
||||||
|
- '[/theorangeone.net/]127.0.0.53:5353'
|
||||||
|
- '[/jakehoward.tech/]127.0.0.53:5353'
|
||||||
upstream_dns_file: ""
|
upstream_dns_file: ""
|
||||||
bootstrap_dns:
|
bootstrap_dns:
|
||||||
- 9.9.9.10
|
- 9.9.9.10
|
||||||
@ -140,9 +142,7 @@ filtering:
|
|||||||
blocking_mode: default
|
blocking_mode: default
|
||||||
parental_block_host: family-block.dns.adguard.com
|
parental_block_host: family-block.dns.adguard.com
|
||||||
safebrowsing_block_host: standard-block.dns.adguard.com
|
safebrowsing_block_host: standard-block.dns.adguard.com
|
||||||
rewrites:
|
rewrites: []
|
||||||
- domain: pve.sys.theorangeone.net
|
|
||||||
answer: "{{ pve_hosts.ingress.external_ip }}"
|
|
||||||
safebrowsing_cache_size: 1048576
|
safebrowsing_cache_size: 1048576
|
||||||
safesearch_cache_size: 1048576
|
safesearch_cache_size: 1048576
|
||||||
parental_cache_size: 1048576
|
parental_cache_size: 1048576
|
||||||
|
|||||||
@ -2,4 +2,12 @@
|
|||||||
service:
|
service:
|
||||||
name: adguardhome
|
name: adguardhome
|
||||||
state: restarted
|
state: restarted
|
||||||
|
enabled: true
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: restart coredns
|
||||||
|
service:
|
||||||
|
name: coredns
|
||||||
|
state: restarted
|
||||||
|
enabled: true
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@ -15,3 +15,17 @@
|
|||||||
mode: "0600"
|
mode: "0600"
|
||||||
notify: restart adguardhome
|
notify: restart adguardhome
|
||||||
become: true
|
become: true
|
||||||
|
|
||||||
|
- name: Install coredns
|
||||||
|
kewlfft.aur.aur:
|
||||||
|
name: coredns
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Install coredns config file
|
||||||
|
template:
|
||||||
|
src: files/Corefile
|
||||||
|
dest: /etc/coredns/Corefile
|
||||||
|
owner: coredns
|
||||||
|
mode: "0644"
|
||||||
|
notify: restart coredns
|
||||||
|
become: true
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user